project-memory
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill only performs read and write operations on specific markdown documentation files within the project environment. It does not interact with the network or execute system commands.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection because it incorporates untrusted conversation history into persistent documentation. However, the lack of downstream execution capabilities for these markdown files renders the risk negligible. Evidence chain: 1. Ingestion points: Last 5-7 conversation turns. 2. Boundary markers: Absent. 3. Capability inventory: File-write operations to project documentation. 4. Sanitization: Not implemented.
Audit Metadata